package org.dfzt.config;

import org.dfzt.config.filter.XssFilter;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.Ordered;

import java.util.HashMap;
import java.util.Map;

/**
 * 过滤器注册中心
 * 使用FilterRegistrationBean进行加载filter并指定过滤地址、过滤顺序（setOrder值越大，优先级越高）
 * xss攻击过滤器优先级最高。其次jwtFilter，其次shiro认证
 * @author furao
 * @date 2020/1/16
 * @package com.dfzt.config.filter
 */
@Configuration
public class FilterMainConfig {

    @Value("${isEncrypt:false}")
    private boolean isEncrypt;

    @Bean
    public FilterRegistrationBean<XssFilter> xssFilter(){
        FilterRegistrationBean<XssFilter> filterRegistrationBean = new FilterRegistrationBean<>();
        filterRegistrationBean.setFilter(new XssFilter(isEncrypt));
        filterRegistrationBean.setOrder(Integer.MAX_VALUE-1);
        filterRegistrationBean.setEnabled(true);
        filterRegistrationBean.addUrlPatterns("/*");
        Map<String, String> initParameters = new HashMap<>();
        //excludes用于配置不需要参数过滤的请求url
        initParameters.put("excludes", "/favicon.ico,/img/*,/js/*,/css/*");
        //isIncludeRichText主要用于设置富文本内容是否需要过滤
        initParameters.put("isIncludeRichText", "true");
        filterRegistrationBean.setInitParameters(initParameters);
        return filterRegistrationBean;
    }
}
